
J. Cybersecur. Priv., Volume 1, Issue 1 (March 2021) – 11 articles

Article
Enhancing Machine Learning Prediction in Cybersecurity Using Dynamic Feature Selector
J. Cybersecur. Priv. 2021, 1(1), 199-218; https://0-doi-org.brum.beds.ac.uk/10.3390/jcp1010011 - 21 Mar 2021
Cited by 1 | Viewed by 834
Abstract
Machine learning algorithms are becoming very efficient in intrusion detection systems with their real time response and adaptive learning process. A robust machine learning model can be deployed for anomaly detection by using a comprehensive dataset with multiple attack types. Nowadays datasets contain many attributes. Such high dimensionality of datasets poses a significant challenge to information extraction in terms of time and space complexity. Moreover, having so many attributes may be a hindrance towards creation of a decision boundary due to noise in the dataset. Large scale data with redundant or insignificant features increases the computational time and often decreases goodness of fit which is a critical issue in cybersecurity. In this research, we have proposed and implemented an efficient feature selection algorithm to filter insignificant variables. Our proposed Dynamic Feature Selector (DFS) uses statistical analysis and feature importance tests to reduce model complexity and improve prediction accuracy. To evaluate DFS, we conducted experiments on two datasets used for cybersecurity research namely Network Security Laboratory (NSL-KDD) and University of New South Wales (UNSW-NB15). In the meta-learning stage, four algorithms were compared namely Bidirectional Long Short-Term Memory (Bi-LSTM), Gated Recurrent Units, Random Forest and a proposed Convolutional Neural Network and Long Short-Term Memory (CNN-LSTM) for accuracy estimation. For NSL-KDD, experiments revealed an increment in accuracy from 99.54% to 99.64% while reducing feature size of one-hot encoded features from 123 to 50. In UNSW-NB15 we observed an increase in accuracy from 90.98% to 92.46% while reducing feature size from 196 to 47. The proposed approach is thus able to achieve higher accuracy while significantly lowering number of features required for processing.
(This article belongs to the Special Issue Cyber Situational Awareness Techniques and Human Factors)

Editorial
Journal of Cybersecurity and Privacy: A New Open Access Journal
J. Cybersecur. Priv. 2021, 1(1), 195-198; https://0-doi-org.brum.beds.ac.uk/10.3390/jcp1010010 - 19 Mar 2021
Viewed by 723
Abstract
The Cybersecurity and Privacy field has been one of the most critical parts of our lives and modern society at large [...]
Review
Secure and Privacy-Aware Blockchain Design: Requirements, Challenges and Solutions
J. Cybersecur. Priv. 2021, 1(1), 164-194; https://0-doi-org.brum.beds.ac.uk/10.3390/jcp1010009 - 14 Mar 2021
Viewed by 954
Abstract
During the last decade, distributed ledger solutions such as blockchain have gained significant attention due to their decentralized, immutable, and verifiable features. However, the public availability of data stored on the blockchain and its link to users may raise privacy and security issues. In some cases, addressing these issues requires blockchain data to be secured with mechanisms that allow on-demand (as opposed to full) disclosure. In this paper, we give a comprehensive overview of blockchain privacy and security requirements, and detail how existing mechanisms answer them. We provide a taxonomy of current attacks together with related countermeasures. We present a thorough comparative analysis based on various parameters of state-of-the-art privacy and security mechanisms, we provide recommendations to design secure and privacy-aware blockchain, and we suggest guidelines for future research.
(This article belongs to the Special Issue Intelligent Security and Privacy Approaches against Cyber Threats)

Article
Sharing Machine Learning Models as Indicators of Compromise for Cyber Threat Intelligence
J. Cybersecur. Priv. 2021, 1(1), 140-163; https://0-doi-org.brum.beds.ac.uk/10.3390/jcp1010008 - 26 Feb 2021
Cited by 1 | Viewed by 1355
Abstract
Cyber threat intelligence (CTI) sharing is the collaborative effort of sharing information about cyber attacks to help organizations gain a better understanding of threats and proactively defend their systems and networks from cyber attacks. The challenge that we address is the fact that traditional indicators of compromise (IoC) may not always capture the breadth or essence of a cyber security threat or attack campaign, possibly leading to false alert fatigue and missed detections with security analysts. To tackle this concern, we designed and evaluated a CTI solution that complements the attribute and tagging based sharing of indicators of compromise with machine learning (ML) models for collaborative threat detection. We implemented our solution on top of MISP, TheHive, and Cortex—three state-of-practice open source CTI sharing and incident response platforms—to incrementally improve the accuracy of these ML models, i.e., reduce the false positives and false negatives with shared counter-evidence, as well as ascertain the robustness of these models against ML attacks. However, the ML models can be attacked as well by adversaries that aim to evade detection. To protect the models and to maintain confidentiality and trust in the shared threat intelligence, we extend our previous research to offer fine-grained access to CP-ABE encrypted machine learning models and related artifacts to authorized parties. Our evaluation demonstrates the practical feasibility of the ML model based threat intelligence sharing, including the ability of accounting for indicators of adversarial ML threats.
(This article belongs to the Special Issue Intelligent Security and Privacy Approaches against Cyber Threats)

Article
The Cybersecurity Focus Area Maturity (CYSFAM) Model
J. Cybersecur. Priv. 2021, 1(1), 119-139; https://0-doi-org.brum.beds.ac.uk/10.3390/jcp1010007 - 13 Feb 2021
Cited by 1 | Viewed by 911
Abstract
The cost of recovery after a cybersecurity attack is likely to be high and may result in the loss of business at the extremes. Evaluating the acquired cybersecurity capabilities and evolving them to a desired state in consideration of risks are inevitable. This research proposes the CYberSecurity Focus Area Maturity (CYSFAM) Model for assessing cybersecurity capabilities. In this design science research, CYSFAM was evaluated at a large financial institution. From the many cybersecurity standards, 11 encompassing focus areas were identified. An assessment instrument—containing 144 questions—was developed. The in-depth single case study demonstrates how and to what extent cybersecurity related deficiencies can be identified. The novel scoring metric has been proven to be adequate, but can be further improved upon. The evaluation results show that the assessment questions suit the case study target audience; the assessment can be performed within four hours; the organization recognizes itself in the result.
(This article belongs to the Special Issue Intelligent Security and Privacy Approaches against Cyber Threats)

Article
A Cryptography-Powered Infrastructure to Ensure the Integrity of Robot Workflows
J. Cybersecur. Priv. 2021, 1(1), 93-118; https://0-doi-org.brum.beds.ac.uk/10.3390/jcp1010006 - 14 Jan 2021
Viewed by 727
Abstract
With the growing popularity of robots, the development of robot applications is subject to an ever increasing number of additional requirements from e.g., safety, legal and ethical sides. The certification of an application for compliance to such requirements is an essential step in the development of a robot program. However, at this point in time it must be ensured that the integrity of this program is preserved meaning that no intentional or unintentional modifications happen to the program until the robot executes it. Based on the abstraction of robot programs as workflows we present in this work a cryptography-powered distributed infrastructure for the preservation of robot workflows. A client composes a robot program and once it is accepted a separate entity provides a digital signature for the workflow and its parameters which can be verified by the robot before executing it. We demonstrate a real-world implementation of this infrastructure using a mobile manipulator and its software stack. We also provide an outlook on the integration of this work into our larger undertaking to provide a distributed ledger-based compliant robot application development environment.
(This article belongs to the Section Security Engineering & Applications)

Article
Password Similarity Using Probabilistic Data Structures
J. Cybersecur. Priv. 2021, 1(1), 78-92; https://0-doi-org.brum.beds.ac.uk/10.3390/jcp1010005 - 31 Dec 2020
Viewed by 986
Abstract
Passwords should be easy to remember, yet expiration policies mandate their frequent change. Caught in the crossfire between these conflicting requirements, users often adopt creative methods to perform slight variations over time. While easily fooling the most basic checks for similarity, these schemes lead to a substantial decrease in actual security, because leaked passwords, albeit expired, can be effectively exploited as seeds for crackers. This work describes an approach based on Bloom Filters to detect password similarity, which can be used to discourage password reuse habits. The proposed scheme intrinsically obfuscates the stored passwords to protect them in case of database leaks, and can be tuned to be resistant to common cryptanalytic techniques, making it suitable for usage on exposed systems.

Article
Refinement Orders for Quantitative Information Flow and Differential Privacy
J. Cybersecur. Priv. 2021, 1(1), 40-77; https://0-doi-org.brum.beds.ac.uk/10.3390/jcp1010004 - 12 Dec 2020
Viewed by 719
Abstract
Quantitative Information Flow (QIF) and Differential Privacy (DP) are both concerned with the protection of sensitive information, but they are rather different approaches. In particular, QIF considers the expected probability of a successful attack, while DP (in both its standard and local versions) is a max-case measure, in the sense that it is compromised by the existence of a possible attack, regardless of its probability. Comparing systems is a fundamental task in these areas: one wishes to guarantee that replacing a system A by a system B is a safe operation, that is, the privacy of B is no worse than that of A. In QIF, a refinement order provides strong such guarantees, while, in DP, mechanisms are typically compared w.r.t. the privacy parameter ε in their definition. In this paper, we explore a variety of refinement orders, inspired by the one of QIF, providing precise guarantees for max-case leakage. We study simple structural ways of characterising them, the relation between them, efficient methods for verifying them and their lattice properties. Moreover, we apply these orders in the task of comparing DP mechanisms, raising the question of whether the order based on ε provides strong privacy guarantees. We show that, while it is often the case for mechanisms of the same “family” (geometric, randomised response, etc.), it rarely holds across different families.

Article
Investigating Anti-Evasion Malware Triggers Using Automated Sandbox Reconfiguration Techniques
J. Cybersecur. Priv. 2021, 1(1), 19-39; https://0-doi-org.brum.beds.ac.uk/10.3390/jcp1010003 - 20 Nov 2020
Viewed by 1347
Abstract
Malware analysis is fundamental for defending against prevalent cyber security threats and requires a means to deploy and study behavioural software traits as more sophisticated malware is developed. Traditionally, virtual machines are used to provide an environment that is isolated from production systems so as to not cause any adverse impact on existing infrastructure. Malware developers are fully aware of this and so will often develop evasion techniques to avoid detection within sandbox environments. In this paper, we conduct an investigation of anti-evasion malware triggers for uncovering malware that may attempt to conceal itself when deployed in a traditional sandbox environment. To facilitate our investigation, we developed a tool called MORRIGU that couples together both automated and human-driven analysis for systematic testing of anti-evasion methods using dynamic sandbox reconfiguration techniques. This is further supported by visualisation methods for performing comparative analysis of system activity when malware is deployed under different sandbox configurations. Our study reveals a variety of anti-evasion traits that are shared amongst different malware families, such as sandbox “wear-and-tear”, and Reverse Turing Tests (RTT), as well as more sophisticated malware samples that require multiple anti-evasion checks to be deployed. We also perform a comparative study using Cuckoo sandbox to demonstrate the limitations of adopting only automated analysis tools, to justify the exploratory analysis provided by MORRIGU. By adopting a clearer systematic process for uncovering anti-evasion malware triggers, as supported by tools like MORRIGU, this study helps to further the research of evasive malware analysis so that we can better defend against such future attacks.

Review
Blockchain Technology: Emerging Applications and Use Cases for Secure and Trustworthy Smart Systems
J. Cybersecur. Priv. 2021, 1(1), 4-18; https://0-doi-org.brum.beds.ac.uk/10.3390/jcp1010002 - 10 Nov 2020
Cited by 1 | Viewed by 1219
Abstract
Blockchain, also known as a distributed ledger technology, stores different transactions/operations in a chain of blocks in a distributed manner without needing a trusted third-party. Blockchain is proven to be immutable, which helps with integrity and accountability, and, to some extent, confidentiality through a pair of public and private keys. Blockchain has been in the spotlight after the successful boom of Bitcoin. There have been efforts to leverage salient features of Blockchain for different applications and use cases. This paper presents a comprehensive survey of applications and use cases of Blockchain technology for making smart systems secure and trustworthy. Specifically, readers of this paper can have a thorough understanding of applications and use cases of Blockchain technology.
(This article belongs to the Special Issue Intelligent Security and Privacy Approaches against Cyber Threats)

Editorial
Journal of Cybersecurity and Privacy: A New Open Access Journal
J. Cybersecur. Priv. 2021, 1(1), 1-3; https://0-doi-org.brum.beds.ac.uk/10.3390/jcp1010001 - 14 Jun 2018
Viewed by 3337
Abstract
Journal of Cybersecurity and Privacy is critical to society at large, and its importance is growing daily. The rapid advancement in technology has caused a large-scale integration of computing, communication, and information technologies into virtually every aspect of our modern society [...]